MiracleLinux 4 : nss-3.28.4-4.AXS4 (AXSA:2017-2306:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2306:02 advisory. A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw ...

MiracleLinux 4 : httpd-2.2.15-45.0.1.AXS4 (AXSA:2015-347:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-347:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2013-5704 The modheaders module in th...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001479 advisory. u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility ...

MiracleLinux 7 : python-2.7.5-69.0.1.el7.AXS7 (AXSA:2018-3246:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3246:03 advisory. A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the- middle attacker could use this flaw to recover some...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003774 advisory. In nfcllcpbuildsdreqtlv of llcpcommands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003735 advisory. An issue was discovered in the Linux kernel before 4.20.15. The nfcllcpbuildtlv function in net/nfc/llcpcommands.c may return NULL. If the caller does not check for...

MiracleLinux 4 : jakarta-commons-httpclient-3.1-0.9.AXS4 (AXSA:2014-529:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-529:01 advisory. Description: The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled applianc...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ACME TLS certificates' automatic generation. An attacker can exhaust system resources by opening multiple connections, sending minimal ClientHello messages with acme-tls/1, an...

EUVD-2026-2949

Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall...

CVE-2026-21917

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX device configured for UTM Web-Filtering receives a specifical...

CVE-2026-21911

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...

CVE-2026-21917

CVE-2026-21917 affects Juniper Networks Junos OS on SRX Series with the Web-Filtering (UTM Web-Filtering) module. The issue is an improper validation of syntactic correctness of input in the Web-Filtering component, allowing an unauthenticated, network-based attacker to cause a Denial-of-Service ...

EUVD-2026-2699

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...

CVE-2026-21911 Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...

CVE-2026-21911

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...

CVE-2026-21907 Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers)

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers ssl-static-key-ciphers, reducing the confidentiality of on-path traffic communicated across the connection. These ciphers also do not support...

Improper Validation of Syntactic Correctness of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input due to the improper validation of matrix parameters in URL paths in JAX-RS routing layer. An attacker can gain access to administrative or sensitive endpoints by crafting requests th...

usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal

...

PT-2026-3125

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S4-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S3-EVO Juniper Networks Junos OS Evolved...

Juniper Junos OS Evolved security vulnerabilities

Juniper Junos OS Evolved is a network operating system developed by the Juniper company. Vulnerabilities exist in versions of Juniper Junos OS Evolved prior to 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, and 23.4R2-EVO. These vulnerabilities stem from...